Use case "Simple HTTP agent"
This scenario outlines a straightforward use case in which we employ a graphical user interface (GUI) to establish an HTTP listener. Subsequently, an agent is configured to connect to this listener. Following this setup, we execute various commands within the agent and retrieve the results from these commands. This process demonstrates the ease with which users can set up communication channels and interact with the agent, facilitating the execution of commands and the monitoring of their outcomes through the GUI.
Prerequisites
- Ensure that both the Command and Control (C2) and the Graphical User Interface (GUI) components are operational within their respective Docker containers
- Be aware of the specific network locations (IP addresses or hostnames) where both the C2 and GUI services are actively running
- Access to a web browser is required for interfacing with the GUI component :)
Steps
Login
To initiate the process, launch a web browser and establish a connection to the GUI-based machine through the port activated by the GUI web service. For me (and probably for a lot of you), the service is running on localhost and port 12702. Upon successfully connecting, you will be greeted by a login interface. Here, you are required to enter the URL of the Command and Control (C2) server along with your login credentials.
First view
Once you have successfully logged in, you will be directed to the agents list view.
Listener view
Navigate to the "Listeners" option from the left-hand menu, which will bring up the listener view. Here, you can click on the large plus sign to open a new dialog for creating a listener.
Adding listener
In the new listener dialog, select "shelldot.listener.agent-reverse-http" as the listener type. Following this selection, you will be presented with a subsequent dialog that enables you to swiftly configure your chosen listener. Within this configuration, the "Host" value is particularly crucial, as it specifies the address that the agent will use to establish a connection to the Command and Control (C2) listener, along with the port number of course.
Generating executable payload
Upon successfully creating the new listener, it will be added to the list of listeners. At this point, you have the option to click on the agent download button (the downward-pointing arrow) to generate a new agent and download it. This action will prompt a new dialog to appear, providing you with the opportunity to select the type of agent you wish to create. Typically, you will opt for the "shelldot.payload.windows-64" template with type "EXECUTABLE", which is a straightforward 64-bit executable file.
After running the payload
After downloading the agent executable, proceed to run it on the target machine. Following this action, if you navigate back to the agents view, you will observe the newly added agent listed there. To initiate control over this agent, simply click on the agent row itself. This action will open a console window, providing you with direct access to command and control the agent.
Running the command
Within the console window, you are now equipped to begin inputting commands. For instance, you can execute a PowerShell command on the agent by providing it with the --command parameter followed by "ls". This command will initiate the "ls" command within the PowerShell environment of the agent's machine. After a brief waiting period, the results of this command execution will be returned to you.